+
-
-
-
- {{/if}}
+
{{/if}}
);
diff --git a/app/assets/javascripts/discourse/tests/acceptance/login-required-test.js b/app/assets/javascripts/discourse/tests/acceptance/login-required-test.js
index 85c600e0262..f78b0f7ead6 100644
--- a/app/assets/javascripts/discourse/tests/acceptance/login-required-test.js
+++ b/app/assets/javascripts/discourse/tests/acceptance/login-required-test.js
@@ -9,8 +9,8 @@ acceptance("Login Required - Full page login", function (needs) {
await visit("/");
assert.strictEqual(
currentRouteName(),
- "login",
- "it redirects them to login"
+ "discovery.login-required",
+ "it shows the login required splash"
);
await click(".login-button");
diff --git a/app/assets/javascripts/discourse/tests/acceptance/static-test.js b/app/assets/javascripts/discourse/tests/acceptance/static-test.js
index c89102f576a..ab4d1852ac6 100644
--- a/app/assets/javascripts/discourse/tests/acceptance/static-test.js
+++ b/app/assets/javascripts/discourse/tests/acceptance/static-test.js
@@ -43,11 +43,19 @@ acceptance("Static pages", function () {
test("Login-required page", async function (assert) {
this.siteSettings.login_required = true;
- await visit("/login");
+ await visit("/");
- assert.strictEqual(currentRouteName(), "login");
+ assert.strictEqual(currentRouteName(), "discovery.login-required");
assert.dom(".body-page").exists("The content is present");
assert.dom(".sign-up-button").exists();
assert.dom(".login-button").exists();
});
+
+ test("Login-required - Login Route", async function (assert) {
+ this.siteSettings.login_required = true;
+ await visit("/login");
+
+ assert.strictEqual(currentRouteName(), "login");
+ assert.dom(".login-fullpage").exists("The login full page form is shown");
+ });
});
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 84a6ec562bb..9952dae0167 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -753,6 +753,7 @@ class ApplicationController < ActionController::Base
cookies[:destination_url] = destination_url
redirect_to path("/auth/#{Discourse.enabled_authenticators.first.name}")
else
+ return if request.path == path("/") && !cookies[:authentication_data]
# save original URL in a cookie (javascript redirects after login in this case)
cookies[:destination_url] = destination_url
redirect_to path("/login")
diff --git a/app/controllers/categories_controller.rb b/app/controllers/categories_controller.rb
index f17f7cc2616..f6837f1fe55 100644
--- a/app/controllers/categories_controller.rb
+++ b/app/controllers/categories_controller.rb
@@ -18,6 +18,7 @@ class CategoriesController < ApplicationController
before_action :fetch_category, only: %i[show update destroy visible_groups]
before_action :initialize_staff_action_logger, only: %i[create update destroy]
+
skip_before_action :check_xhr,
only: %i[
index
diff --git a/app/controllers/custom_homepage_controller.rb b/app/controllers/custom_homepage_controller.rb
deleted file mode 100644
index a2473beffe2..00000000000
--- a/app/controllers/custom_homepage_controller.rb
+++ /dev/null
@@ -1,9 +0,0 @@
-# frozen_string_literal: true
-
-class CustomHomepageController < ApplicationController
- skip_before_action :check_xhr, only: [:index]
-
- def index
- respond_to { |format| format.html { render :index } }
- end
-end
diff --git a/app/controllers/home_page_controller.rb b/app/controllers/home_page_controller.rb
new file mode 100644
index 00000000000..f2f9f1acf9b
--- /dev/null
+++ b/app/controllers/home_page_controller.rb
@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class HomePageController < ApplicationController
+ skip_before_action :check_xhr, only: %i[custom blank]
+
+ def custom
+ respond_to { |format| format.html { render :custom } }
+ end
+
+ def blank
+ respond_to { |format| format.html { render "default/blank" } }
+ end
+end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index 72a22ec0806..fc49b2788ad 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -456,6 +456,8 @@ module ApplicationHelper
if current_user && !crawler_layout?
params.key?(:print)
else
+ return false if !current_user && SiteSetting.login_required?
+
crawler_layout? || !mobile_view? || !modern_mobile_device?
end
end
diff --git a/app/views/default/blank.html.erb b/app/views/default/blank.html.erb
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/app/views/custom_homepage/index.erb b/app/views/home_page/custom.erb
similarity index 100%
rename from app/views/custom_homepage/index.erb
rename to app/views/home_page/custom.erb
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index ee76fc80b07..048a01ab0db 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -4620,7 +4620,7 @@ en:
offline_page_message: "It looks like you are offline! Please check your network connection and try again."
login_required:
- welcome_message: "# [Welcome to %{title}](#welcome)"
+ welcome_message: "# Welcome to %{title}"
upload:
edit_reason: "downloaded local copies of images"
diff --git a/config/routes.rb b/config/routes.rb
index 4465269db40..e12f3170d35 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -551,6 +551,7 @@ Discourse::Application.routes.draw do
post "login" => "static#enter"
get "login" => "static#show", :id => "login"
+ get "login-required" => "static#show", :id => "login"
get "login-preferences" => "static#show", :id => "login"
get "signup" => "static#show", :id => "signup"
get "password-reset" => "static#show", :id => "password_reset"
@@ -1707,11 +1708,13 @@ Discourse::Application.routes.draw do
constraints: HomePageConstraint.new("finish_installation"),
as: "installation_redirect"
- root to: "custom_homepage#index",
+ root to: "home_page#custom",
constraints: HomePageConstraint.new("custom"),
- as: "custom_index"
+ as: "home_page_custom"
- get "/custom" => "custom_homepage#index"
+ root to: "home_page#blank", constraints: HomePageConstraint.new("blank"), as: "home_page_blank"
+
+ get "/custom" => "home_page#custom"
get "/user-api-key/new" => "user_api_keys#new"
post "/user-api-key" => "user_api_keys#create"
diff --git a/lib/homepage_helper.rb b/lib/homepage_helper.rb
index 93919cf04ab..8c301970f55 100644
--- a/lib/homepage_helper.rb
+++ b/lib/homepage_helper.rb
@@ -2,6 +2,8 @@
class HomepageHelper
def self.resolve(request = nil, current_user = nil)
+ return "blank" if !current_user && SiteSetting.login_required?
+
return "custom" if ThemeModifierHelper.new(request: request).custom_homepage
enabled = false
diff --git a/spec/lib/homepage_helper_spec.rb b/spec/lib/homepage_helper_spec.rb
index 334f20ce2b2..b35bde83c2a 100644
--- a/spec/lib/homepage_helper_spec.rb
+++ b/spec/lib/homepage_helper_spec.rb
@@ -48,5 +48,17 @@ RSpec.describe HomepageHelper do
expect(HomepageHelper.resolve).to eq("top")
end
end
+
+ context "with login required" do
+ before do
+ SiteSetting.login_required = true
+ SiteSetting.top_menu = "new|top|latest|unread"
+ end
+
+ it "returns a blank route for anon, first result from top menu for authenticated user" do
+ expect(HomepageHelper.resolve).to eq("blank")
+ expect(HomepageHelper.resolve(nil, user)).to eq("new")
+ end
+ end
end
end
diff --git a/spec/requests/application_controller_spec.rb b/spec/requests/application_controller_spec.rb
index 230af6201fa..4a5c7048b43 100644
--- a/spec/requests/application_controller_spec.rb
+++ b/spec/requests/application_controller_spec.rb
@@ -14,9 +14,10 @@ RSpec.describe ApplicationController do
expect(response.headers["Cache-Control"]).to eq("no-cache, no-store")
end
- it "should redirect to login normally" do
+ it "should not redirect to login" do
get "/"
- expect(response).to redirect_to("/login")
+ expect(response).not_to redirect_to("/login")
+ expect(response.status).to eq(200)
end
it "should redirect to SSO if enabled" do
@@ -27,10 +28,11 @@ RSpec.describe ApplicationController do
end
it "should redirect to authenticator if only one, and local logins disabled" do
- # Local logins and google enabled, direct to login UI
+ # Local logins and google enabled, show login UI
SiteSetting.enable_google_oauth2_logins = true
get "/"
- expect(response).to redirect_to("/login")
+ expect(response).not_to redirect_to("/login")
+ expect(response.status).to eq(200)
# Only google enabled, login immediately
SiteSetting.enable_local_logins = false
@@ -40,7 +42,8 @@ RSpec.describe ApplicationController do
# Google and GitHub enabled, direct to login UI
SiteSetting.enable_github_logins = true
get "/"
- expect(response).to redirect_to("/login")
+ expect(response).not_to redirect_to("/login")
+ expect(response.status).to eq(200)
end
it "should not redirect to SSO when auth_immediately is disabled" do
@@ -49,7 +52,8 @@ RSpec.describe ApplicationController do
SiteSetting.enable_discourse_connect = true
get "/"
- expect(response).to redirect_to("/login")
+ expect(response).not_to redirect_to("/login")
+ expect(response.status).to eq(200)
end
it "should not redirect to authenticator when auth_immediately is disabled" do
@@ -58,7 +62,8 @@ RSpec.describe ApplicationController do
SiteSetting.enable_local_logins = false
get "/"
- expect(response).to redirect_to("/login")
+ expect(response).not_to redirect_to("/login")
+ expect(response.status).to eq(200)
end
context "with omniauth in test mode" do
diff --git a/spec/requests/custom_homepage_controller_spec.rb b/spec/requests/home_page_controller_spec.rb
similarity index 95%
rename from spec/requests/custom_homepage_controller_spec.rb
rename to spec/requests/home_page_controller_spec.rb
index 6b9213c2983..6ab95889d28 100644
--- a/spec/requests/custom_homepage_controller_spec.rb
+++ b/spec/requests/home_page_controller_spec.rb
@@ -1,7 +1,7 @@
# frozen_string_literal: true
-RSpec.describe CustomHomepageController do
- describe "#index" do
+RSpec.describe HomePageController do
+ describe "#custom" do
context "with crawler view" do
it "should display the menu by default" do
get "/custom", headers: { "HTTP_USER_AGENT" => "Googlebot" }
diff --git a/spec/requests/list_controller_spec.rb b/spec/requests/list_controller_spec.rb
index 8c5afc40b28..dcccee56870 100644
--- a/spec/requests/list_controller_spec.rb
+++ b/spec/requests/list_controller_spec.rb
@@ -356,6 +356,20 @@ RSpec.describe ListController do
expect(response.parsed_body["topic_list"]["categories"]).to eq(nil)
end
end
+
+ context "when login required" do
+ before do
+ SiteSetting.login_required = true
+ SiteSetting.bootstrap_mode_enabled = false
+ SiteSetting.has_login_hint = false
+ end
+
+ it "returns nothing from topic list on homepage for login required" do
+ get "/"
+ expect(response.status).to eq(200)
+ expect(response.body).not_to include(topic.title)
+ end
+ end
end
describe "categories and X" do
diff --git a/spec/system/login_spec.rb b/spec/system/login_spec.rb
index 7ecbdf73629..f3f07e189a7 100644
--- a/spec/system/login_spec.rb
+++ b/spec/system/login_spec.rb
@@ -7,6 +7,9 @@ shared_examples "login scenarios" do |login_page_object|
let(:activate_account) { PageObjects::Pages::ActivateAccount.new }
let(:user_preferences_security_page) { PageObjects::Pages::UserPreferencesSecurity.new }
fab!(:user) { Fabricate(:user, username: "john", password: "supersecurepassword") }
+ fab!(:category)
+ fab!(:topic) { Fabricate(:topic, user: user, category: category) }
+ fab!(:topic2) { Fabricate(:topic, user: user) }
fab!(:admin) { Fabricate(:admin, username: "admin", password: "supersecurepassword") }
let(:user_menu) { PageObjects::Components::UserMenu.new }
@@ -134,13 +137,30 @@ shared_examples "login scenarios" do |login_page_object|
Fabricate(:group_private_message_topic, user: user, recipient_group: group)
visit "/t/#{pm.id}"
- find(".login-welcome .login-button").click
login_form.fill(username: "john", password: "supersecurepassword").click_login
expect(page).to have_css(".header-dropdown-toggle.current-user")
expect(page).to have_css("#topic-title")
expect(page).to have_css(".private_message")
end
+
+ it "does not leak topics" do
+ visit "/"
+
+ expect(page).to have_css(".login-welcome")
+
+ expect(page.body).not_to include(topic.title)
+ expect(page.body).not_to include(topic2.title)
+ end
+
+ it "does not leak category metadata if homepage is /categories" do
+ SiteSetting.top_menu = "categories|latest|new|unread|top"
+ visit "/"
+
+ expect(page).to have_css(".login-welcome")
+
+ expect(page.body).not_to include(category.name)
+ end
end
context "when login is not required" do
@@ -359,11 +379,11 @@ shared_examples "login scenarios" do |login_page_object|
end
describe "Login", type: :system do
- context "when fullpage desktop" do
+ context "when desktop" do
include_examples "login scenarios", PageObjects::Pages::Login.new
end
- context "when fullpage mobile", mobile: true do
+ context "when mobile", mobile: true do
include_examples "login scenarios", PageObjects::Pages::Login.new
end
end
diff --git a/spec/system/social_authentication_spec.rb b/spec/system/social_authentication_spec.rb
index 2625b3b5f14..80d1cc15e28 100644
--- a/spec/system/social_authentication_spec.rb
+++ b/spec/system/social_authentication_spec.rb
@@ -272,8 +272,7 @@ shared_examples "social authentication scenarios" do |signup_page_object, login_
mock_google_auth
visit("/login")
- expect(page).to have_css(".login-welcome")
- expect(page).to have_css(".site-logo")
+ expect(page).to have_css(".btn-social")
visit("/")
expect(page).to have_css(".login-welcome")
- ![]()
-
+ {{#if @controller.hasNoLoginOptions}}
+ {{i18n - "login.no_login_methods.title" - }}
-- {{htmlSafe - (i18n - "login.no_login_methods.description" - (hash adminLoginPath=@controller.adminLoginPath) - ) - }} -
-
+
-
+ {{else}}
+ {{#if @controller.site.mobileView}}
+
+
+ {{#if @controller.showLoginButtons}}
+
-
- {{else}}
- {{! Show the login-required splash screen }}
- {{bodyClass "static-login"}}
-
+ ![]()
+
- {{else}}
- {{#if @controller.site.mobileView}}
- {{i18n + "login.no_login_methods.title" + }}
++ {{htmlSafe + (i18n + "login.no_login_methods.description" + (hash adminLoginPath=@controller.adminLoginPath) + ) + }} +
+ {{#if @controller.site.desktopView}}
+
+
+ {{/if}}
+
+ {{/if}}
+
+ {{#if
+ (and @controller.showLoginButtons @controller.site.desktopView)
+ }}
+ {{#unless @controller.canLoginLocal}}
+
+
+ {{/unless}}
+ {{#if @controller.hasAtLeastOneLoginButton}}
+
- {{#if @controller.site.desktopView}}
-
-
- {{/if}}
-
{{/if}}
-
- {{#if
- (and @controller.showLoginButtons @controller.site.desktopView)
- }}
- {{#unless @controller.canLoginLocal}}
-
-
- {{/unless}}
- {{#if @controller.hasAtLeastOneLoginButton}}
-
-
- {{/if}}
- {{/if}}
{{/if}}
+ {{/if}}
- {{#if @controller.site.mobileView}}
- {{#unless @controller.hasNoLoginOptions}}
-
-
-
-
-
- {{htmlSafe @controller.model.html}}
-
-
-